Ran into an ugly problem this morning. Drupal was indexing non-public nodes and showing their snippets in the search results, basically leaking private information. I am sure there is some clever access control way to deal with this, but I ended up just knocking them out on the theme level. Since I already had a phptemplate_search_item function in my template.php (for aesthetic reasons), it was just a question of adding this as the first line (as per http://drupal.org/node/84955):
<?php
if( $item['node']->type == 'eventreg_contact') return; // excude eventreg_contact from search results
?>